def test_secret(db, config, encrypt): """ If encryption is enabled, ensure that: * secrets are encrypted. * secrets are decrypted correctly on retrieval. * secrets are bytes. """ config["ENCRYPT_SECRETS"] = encrypt bytes_secret = b"\xff\x00\xf1" unicode_secret = u"foo\u00a0" secret = Secret() secret.type = "password" secret.secret = bytes_secret db.session.add(secret) db.session.commit() secret = db.session.query(Secret).get(secret.id) if encrypt: assert secret._secret != bytes_secret, "secret is not encrypted" else: assert secret._secret == bytes_secret assert secret.secret == bytes_secret, "secret not decrypted correctly" secret.secret = unicode_secret assert secret.secret == unicode_secret.encode("utf8")
def test_secret(db, config, encrypt): """ If encryption is enabled, ensure that: * secrets are encrypted. * secrets are decrypted correctly on retrieval. * secrets are bytes. """ config['ENCRYPT_SECRETS'] = encrypt bytes_secret = b'\xff\x00\xf1' unicode_secret = u'foo\u00a0' secret = Secret() secret.type = 'password' secret.secret = bytes_secret db.session.add(secret) db.session.commit() secret = db.session.query(Secret).get(secret.id) if encrypt: assert secret._secret != bytes_secret, 'secret is not encrypted' else: assert secret._secret == bytes_secret assert secret.secret == bytes_secret, 'secret not decrypted correctly' with pytest.raises(TypeError) as e: secret.secret = unicode_secret assert e.typename == 'TypeError', 'secret cannot be unicode'
def set_secret(self, secret_type, secret_value): # type: (SecretType, bytes) -> None if not self.secret: self.secret = Secret() self.secret.type = secret_type.value self.secret.secret = secret_value
def imap_password(self, value): # type: (Union[str, bytes]) -> None value = self.valid_password(value) # type: bytes if not self.imap_secret: self.imap_secret = Secret() self.imap_secret.secret = value self.imap_secret.type = "password"
def refresh_token(self, value): # Must be a valid UTF-8 byte sequence without NULL bytes. if isinstance(value, unicode): value = value.encode('utf-8') try: unicode(value, 'utf-8') except UnicodeDecodeError: raise ValueError('Invalid refresh_token') if b'\x00' in value: raise ValueError('Invalid refresh_token') if not self.refresh_token_secret: self.refresh_token_secret = Secret() self.refresh_token_secret.secret = value self.refresh_token_secret.type = 'token'
def set_secret(self, secret_type, secret_value): if not self.secret: self.secret = Secret() self.secret.type = secret_type.value self.secret.secret = secret_value
def smtp_password(self, value): value = self.valid_password(value) if not self.smtp_secret: self.smtp_secret = Secret() self.smtp_secret.secret = value self.smtp_secret.type = "password"
def imap_password(self, value): value = self.valid_password(value) if not self.imap_secret: self.imap_secret = Secret() self.imap_secret.secret = value self.imap_secret.type = 'password'
def put(self, value, type=0, acl=0): with session_scope() as db_session: secret = Secret(secret=value, type=type, acl_id=acl) db_session.add(secret) db_session.commit() return secret.id